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element IDs. 
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CLAIMS 



[Claim(s)] 

[Claim 1] The use authorization conditions of these contents are managed with the decode key which decodes the 
enciphered contents. It is license management equipment with which answers a contents use demand from a user, 
enciphers this decode key and use authorization conditions, and a user is provided as a license. A physical element 
path storage means by which the information on a physical element that a license would win popularity in order and 
would be passed by the time said decode key is used for decode of contents was memorized, License management 
equipment characterized by having a license generation means to encipher said decode key and use authorization 
conditions based on the information on the physical element memorized by said physical element path storage 
means, and to generate a license. 

[Claim 2] Said license generation means is license management equipment according to claim 1 characterized by 
enciphering said decode key and use authorization conditions combining the proper identifier of two or more of said 
physical elements, and generating a license including the proper identifier of two or more physical elements which a 
license receives in order the information on the physical element memorized by said physical element path storage 
means, and are passed. 

[Claim 3] Said license generation means is license management equipment according to claim 2 characterized by 
enciphering with the gestalt which can be decoded using a proper identifier from the license from which this each of 
physical element received the element conditions that each physical element could be forced, among the element 
conditions which constitute said use authorization conditions. 

[Claim 4] It is license management equipment according to claim 2 or 3 which two or more physical elements the 
proper identifiers were remembered to be by said physical element path storage means are a record medium, a 
recording device, and a regenerative apparatus, and is characterized by enciphering said license generation means 
based on the proper identifier which said record medium, a recording device, and a regenerative apparatus have. 
[Claim 5] Said license generation means is license management equipment according to claim 4 characterized by 
enciphering using the exclusive OR of the proper identifier of said record medium, and the proper identifier of a 
recording device after enciphering using the proper identifier of said regenerative apparatus. 

[Claim 6] The use authorization conditions of these contents are managed with the decode key which decodes the 
enciphered contents. It is the license management method with which answers a contents use demand from a user, 
enciphers this decode key and use authorization conditions, and a user is provided as a license. The physical 
element path registration process of registering the information on a physical element that a license will win 
popularity in order and will be passed by the time said decode key is used for decode of contents, The license 
management method characterized by including the license generation process which enciphers said decode key and 
use authorization conditions based on the information on the physical element registered according to said physical 
element path registration process, and generates a license. 

[Claim 7] Said license generation process is a license management method according to claim 6 characterized by 
enciphering said decode key and use authorization conditions combining the proper identifier of two or more of said 
physical elements, and generating a license including the proper identifier of two or more physical elements which a 
license receives in order the information on the physical element registered according to said physical element path 
registration process, and are passed. 

[Claim 8] Said license generation process is a license management method according to claim 7 characterized by 
enciphering with the gestalt which can be decoded using a proper identifier from the license from which this each of 
physical element received the element conditions that each physical element could be forced, among the element 
conditions which constitute said use authorization conditions. 

[Claim 9] It is the license management method according to claim 7 or 8 which two or more physical elements the 
proper identifiers were remembered to be according to said physical element path storage process are a record 
medium, a recording device, and a regenerative apparatus, and is characterized by enciphering said license 
generation process based on the proper identifier which said record medium, a recording device, and a regenerative 
apparatus have. 

[Claim 10] Said license generation process is a license management method according to claim 9 characterized by 
enciphering using the exclusive OR of the proper identifier of said record medium, and the proper identifier of a 
recording device after enciphering using the proper identifier of said regenerative apparatus. 

[Claim 11] The use authorization conditions of these contents are managed with the decode key which decodes the 
enciphered contents. It is the license manager with which answers a contents use demand from a user, enciphers 
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this decode key and use authorization conditions, and a user is provided as a license. The physical element path 
registration procedure of registering the information on a physical element that a license will win popularity in order 
and will be passed by the time said decode key is used for decode of contents, The license manager characterized 
by performing the license generation procedure which enciphers said decode key and use authorization conditions 
based on the information on the physical element registered by said physical element path registration procedure, 
and generates a license by computer. 

[Claim 12] Said license generation procedure is a license manager according to claim 11 characterized by 
enciphering said decode key and use authorization conditions combining the proper identifier of two or more of said 
physical elements, and generating a license including the proper identifier of two or more physical elements which a 
license receives in order the information on the physical element registered by said physical element path 
registration procedure, and are passed. 

[Claim 13] Said license generation procedure is a license manager according to claim 12 characterized by 
enciphering with the gestalt which can be decoded using a proper identifier from the license from which this each of 
physical element received the element conditions that each physical element could be forced, among the element 
conditions which constitute said use authorization conditions. 

[Claim 14] It is the license manager according to claim 12 or 13 which two or more physical elements into which the 
proper identifier was registered by said physical element path registration procedure are a record medium, a 
recording device, and a regenerative apparatus, and is characterized by enciphering said license generation 
procedure based on the proper identifier which said record medium, a recording device, and a regenerative 
apparatus have. 

[Claim 15] Said license generation procedure is a license manager according to claim 14 characterized by 
enciphering using the exclusive OR of the proper identifier of said record medium, and the proper identifier of a 
recording device after enciphering using the proper identifier of said regenerative apparatus. 



[Translation done.] 
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DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention manages the use authorization conditions of contents with the decode key 
which decodes the enciphered contents, and it is related to the license management equipment, license 
management method, and license manager with which answer a contents use demand from a user, encipher a 
decode key and use authorization conditions, and a user is provided as a license. 

[0002] A monetary role provides people with fair remuneration with the property as matter called the money. As for 
an object called money, it was indispensable requirements not a mere verbal agreement-share concept but for 
forgery [ further / exist physically, can carry and / in addition to a publishing agency ] to be difficult. It existed 
physically, and by being portable, it could check impartially by the users of the value, and fair money issue-origin 
was able to control the opportunity of the fair check by counterfeit difficulty. However, the day when now monetary 
forged difficulty will collapse by development of a technology in recent years is near. The new value check object 
replaced with money is needed. It is necessary to exist physically too first, and the object can be carried and needs 
to be difficult to forge. Furthermore, the object carries out the access control of the publishing agency. 
[0003] In addition to the demand from this security strengthening side, the demand of implementation of a 
"superdistribution" is also increasing from the side face of diversification of the distribution of information, large- 
capacity-izing, and improvement in the speed. The environment which realized this "superdistribution" satisfies the 
following conditions, that (1) information user can obtain digital information for free mostly, that the conditions on 
which (2) information providers specified the conditions (accounting, alteration use conditions, etc.) to which use of 
that information is permitted, and the user has agreed can be forced, and (3) — in using this service, a required 
information user's add operation is "check of access condition" extent — it comes out. [ namely, ] 
[0004] It is expectable that accuracy and the system which can be performed safely contribute the access control 
of such a superdistribution also to unfair correction of royalty collection, such as a charge of a license, the present 
system — a work — about — although a provider cannot gain profits unless it can sell a number, to be able to build 
a system so that it may cross to a copyright person's hand correctly is desired. Moreover, the remuneration 
corresponding to each one of service charges is wanted to be distributed impartially until it results [ from an 
expert-artist ] in the designer who offers creation as components. 
[0005] 

[Description of the Prior Art] When access to contents, such as a work, was conventionally controlled on a 
distributed-system environment, especially an open network, use of contents was controlled by storing contents in 
the server which can be accessed from the user of contents, and controlling access to this server. Here, contents 
are digital contents with the structure recordable on a single store medium as a set of a bit string, and a document 
text, an image, an animation, program software, etc. are included. 

[0006] For example, drawing 17 is drawing showing the conventional access-control model. In drawing 17 , contents 
204 are enabling contents actuation from a user 205 through the access-control function 203. Moreover, for 
example, the copyright person 200 was taken care of by the access-control function 203 in contents 204, it is only 
registering with a server and the access-control actuation to the access-control function 203 was made by persons 
other than copyright person 200, for example, the manager who manages this server. 

[0007] That is, it is managed by the server employment person system 21 1 in which management employment is 
done by the manager 201, and the server employment person system 21 1 performs a copyright person and a user 
registration to the server system 212, and the server system 212 which holds contents as shown in drawing 18 
performs directory generation for it, and also performs permitting the access control by the copyright person 
further. The copyright person system 210 makes the contents of a copyright person's work save in the server 
system 212, and sets up access-control conditions (ACL) to the server system 212. In this case, a copyright person 
has to get authorization of an access control to the server system 212. On the other hand, the user system 213 
acquires the contents saved in the server system 212, when performing a contents Request to Send to the server 
system 212 and satisfying ACL on the occasion of use of contents. 

[0008] However, if all authority is granted to the user of contents and a user changes by migration or the copy 
(duplicate), to the contents of migration or a copy place, the authority of the copyright person of a basis will not be 
committed at all. Moreover, between the server manager who saves a contents object, and the copyright person, the 
state of access consent compulsion to an object is not clear, either, for example, a copyright person does not 
refuse and have a server manager, and to be able to change an access privilege was made into the natural thing. 
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[0009] On the other hand, without the distributed-system environment's having been promoted by low-pricing of a 
storage in recent years etc., and network traffic concentrating by it, the cache of the contents can be carried out to 
two or more servers, it can distribute now, and access to a contents object could be performed at the high speed. 
Therefore, although the access-control model as shown in drawing 17 should just build the firm access-control 
function only to the entry to the contents actuation by the user 205, it needed to perform all the directions-access 
control or security protection under the distributed-system environment mentioned above. 

[0010] Then, the access-control model as shown in drawing 19 was able to be considered. The copyright person 200 
is separated into the copyright person protected area which is a field which can be protected, the open field which 
receives the attack from all the outside, and protection of an alteration of hard/software and the secrecy protected 
area to which digital data duplicate prevention processing is performed by the conventional security technique in 
this access-control model. A secrecy protected area is protected by the omnidirection access-control function 221, 
and contents 222 are saved in this access-control function 221. 

[0011] The copyright person 200 is also enabling access-control actuation to the access-control function 221 with 
registration of contents 222 to these contents. A user 205 will acquire contents 222 from an open field through the 
access-control function 221. In addition, the field protection interface 220 is an interface which performs protection 
between a copyright person protected area and an open field. 

[0012] Somatization of the access-control model under the distributed-system environment shown in this drawing 
19 is indicated by the U.S. Pat. No. 5339403 number official report, and the technique of checking a user's device in 
JP.9-134311A a U.S. Pat. No. 5392351 number official report, a U.S. Pat. No. 5555304 number official report, and a 
U.S. Pat. No. 5796824 number official report, and preventing unjust use of contents in them is indicated. Hereafter, 
the conventional contents use control system is explained with reference to these official reports. 
[0013] Drawing 20 is drawing showing the contents distribution model of the conventional contents use control 
system. In drawing 20 , it is equivalent to the secrecy protected area indicated to be a decode protected area and a 
playback protected area to drawing 18 , a decode protected area is a field of protection of an alteration of 
hard/software, and duplicate prevention protection of output data, and a playback protected area is a field of 
duplicate prevention of digital decode data. The use environmental specification physical element (PCSUE) 235-1 - 
235-N are physical elements which specify the use environment of contents, and, specifically, are CPU, a peripheral 
device, a removable storage, an IC card, etc. 

[0014] In a decode protected area, the contents 234 which are the duplicates of the contents 233 enciphered by 
the copyright person 200, and exist in the server of an open field are decoded based on the certificate 236-1 of the 
physical element ID corresponding to PCSUE 235-1 - 235-N - 236-N, and these compounded contents are used for 
a user through a playback protected area. Therefore, contents are enciphered by the key corresponding to a 
physical element ID (contents 233), and in order to decode the contents 234 corresponding to these contents 233, 
each physical element ID or the secret key corresponding to it is needed. 

[0015] A license has the contents cache possible mold model acquired to another timing by saving the contents 
enciphered as the license coincidence model which distributes the license used for a contents distribution model 
here in order to decode the enciphered contents to the enciphered contents and coincidence into the cache of a 
server. Drawing 21 is drawing showing this contents cache possible mold model. 

[0016] In drawing 21 , first, it is a copyright person protected area, and an author 200 generates contents and 
enciphers these contents, after that, he reproduces and a cache is done to the server of an open field etc. On the 
other hand, the certificate 241-1 which enciphered the physical element ID of PCSUE 235-1 - 235-N - 241-N It is 
outputted to a copyright person protected area in the condition of having been enciphered, and a secret key Kp is 
taken out from the user physics object class corresponding to PCSUE 235-1 - 235-N. This secret key Kp, and a 
certificate 241-1 - 241-N to a physical element ID 243-1 - 243-N are decoded, and by this physical element ID 
243-1 - 243-N, the contents decode key Kc is enciphered and it outputs to a security field. 

[0017] In a security field, the enciphered contents decode key Kc is decoded by the physical element ID 242-1 - 
242-N, and the contents decode key Kc is obtained. The enciphered contents 234 which are acquired from an open 
field using this contents decode key Kc are decoded, and a user 205 is made to use as contents 244. 
[0018] Drawing 22 is the block diagram showing the outline configuration of the contents use control system 
corresponding to the contents cache possible mold model shown in drawing 21 . In drawing 22 , the copyright person 
system 250 exists in a copyright person protected area, the contents server 251 exists in an open field, and a 
license server 252 and the user system 253 exist in a secrecy protected area. The copyright person system 250 
enciphers the created contents, and saves these enciphered secrecy contents at the contents server 251. 
[0019] Moreover, the contents decode key Kc is transmitted to a license server 252, and the transfer of the right of 
an access control is performed to a license server 252. Furthermore, an access control list (ACL) setup is 
performed. When the use demand which shows that contents are used is transmitted to a license server 252 and 
the certification group of a physical element ID is not attached at this time, by the physical element criteria 
specification of a license server 252, the user system 253 acquires the certification group of a physical element ID, 
and sends it out to a license server 252. 

[0020] A license server 252 acquires the secret key Kp of a user's physical object class, as shown in drawing 21 , 
and the contents decode key Kc enciphered with the physical element ID which decoded and decoded the physical 
element ID certification group is sent out to the user system 253 as license L. If the physical element ID of the user 
system 253 is in agreement, decode is performed by this and secrecy contents can be decoded by it using this 
decoded contents decode key Kc. 
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[0021] In addition, since secret contents are saved at the contents server 251, the user system 253 needs to 
perform a secret contents distribution request to the contents server 251 separately, and needs to receive 
distribution of secret contents from the contents server 251. 

[0022] On the other hand, drawing 23 shows the outline configuration block Fig. of the contents use control system 
which realizes a contents coincidence distribution mold model. In drawing 23 , the contents server 251 will not exist 
but it will be sent to the user system 253 at license transmission and coincidence. Since secret contents are 
beforehand carried to the server near the user system 253 in time when acquiring secret contents through the 
contents server 251 as shown in drawing 22 , the user system 253 should just carry out a use demand, when 
contents are required. 

[0023] Moreover, suitable selection of the distribution channel of contents is attained as compared with a contents 
coincidence distribution mold model, and compaction of the response time can be expected on the occasion of 
contents acquisition for a user. Moreover, it is possible to distribute contents beforehand with the cache by the 
ROM medium base, broadcast, and the Proxy server etc. apart from offer of a license in a contents cache possible 
mold model, and there are many advantages. 
[0024] 

[Problem(s) to be Solved by the Invention] However, although secrecy contents can be decoded fundamentally and 
these contents can be used in the conventional contents use control system mentioned above if it is equipment 
which is in agreement with a user system at the physical element ID of a proper Since this physical element ID is 
generating the license (use authorization conditions) For example, the conditions which restrict the count of read- 
out of the contents determined with a copyright person's intention could not be added, a time limit could not be 
prepared, accounting conditions could not be set up, but there was a trouble that flexible contents use control could 
not be performed. 

[0025] Moreover, it did not restrict having always simple composition, but when it was a device with a complicated 
configuration, a use environmental specification physical element may have inaccurate specific device or specific 
components of the device, and even if it generated use authorization conditions with the use environmental 
specification physical element which is the device of an only big configuration, in such a case, there was a trouble 
overlooking injustice and that security fell. 

[0026] while, as for this invention, an information offer authority person including those who were made in view of 
the above and permitted by information implementers, such as a copyright person, can perform contents use control 
flexibly — unjust use of contents — precision — it aims at offering the license management equipment which can 
be prevented highly, a license management method, and a license manager. 
[0027] 

[Means for Solving the Problem] In order to solve the technical problem mentioned above and to attain the purpose, 
this invention The use authorization conditions of these contents are managed with the decode key which decodes 
the enciphered contents. It is license management equipment with which answers a contents use demand from a 
user, enciphers this decode key and use authorization conditions, and a user is provided as a license. A physical 
element path storage means by which the information on a physical element that a license would win popularity in 
order and would be passed by the time said decode key is used for decode of contents was memorized, It is 
characterized by having a license generation means to encipher said decode key and use authorization conditions 
based on the information on the physical element memorized by said physical element path storage means, and to 
generate a license. 

[0028] since [ according to this invention ] the information on a physical element that a license would win popularity 
in order and would be passed by the time a decode key is used for decode of contents was memorized, a decode 
key and use authorization conditions are enciphered based on the information on the memorized physical element 
and a license is generated — unjust use of contents — precision — it can prevent highly. 

[0029] Moreover, this invention manages the use authorization conditions of these contents with the decode key 
which decodes the enciphered contents. It is the license management method with which answers a contents use 
demand from a user, enciphers this decode key and use authorization conditions, and a user is provided as a license. 
The physical element path registration process of registering the information on a physical element that a license 
will win popularity in order and will be passed by the time said decode key is used for decode of contents, It is 
characterized by including the license generation process which enciphers said decode key and use authorization 
conditions based on the information on the physical element registered according to said physical element path 
registration process, and generates a license. 

[0030] Moreover, this invention manages the use authorization conditions of these contents with the decode key 
which decodes the enciphered contents. It is the license manager with which answers a contents use demand from 
a user, enciphers this decode key and use authorization conditions, and a user is provided as a license. The physical 
element path registration procedure of registering the information on a physical element that a license will win 
popularity in order and will be passed by the time said decode key is used for decode of contents. It is characterized 
by performing the license generation procedure which enciphers said decode key and use authorization conditions 
based on the information on the physical element registered by said physical element path registration procedure, 
and generates a license by computer. 

[0031] since [ according to this invention ] the information on a physical element that a license would win popularity 
in order and would be passed by the time a decode key is used for decode of contents was registered, a decode key 
and use authorization conditions are enciphered based on the information on the registered physical element and a 
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license is generated — unjust use of contents — precision — it can prevent highly. 
[0032] 

[Embodiment of the Invention] With reference to an accompanying drawing, the gestalt of suitable operation of the 
license management equipment concerning this invention, a license management method, and a license manager is 
explained below. 

[0033] Drawing 1 is drawing showing the configuration of the contents use control system which is the gestalt of 1 
operation of this invention. The contents use control system 10 shown in drawing 1 is a system which controls this 
use, when a user 2 uses the contents of the work which the copyright person 1 created. In drawing 1 , this contents 
use control system 10 is large, and has the copyright person system 20, the contents server 30, a license server 40, 
and the user system 50. 

[0034] The copyright person system 20 enciphers the created contents. By sending out a contents decode key 
required decoding the secrecy contents registration section 21 which performs processing (S10) which registers 
these enciphered secrecy contents into the contents server 30, and the enciphered contents (secrecy contents) to 
a license server 40 It has the right transfer section 22 of an access control which performs processing (S12) which 
transfers the right of an access control to a license server, and the ACL (S14) setting section 23 which sets use 
authorization conditions (ACL) as a license server 40, and the use control about the contents of a work is managed. 
[0035] When the secrecy contents sent from the copyright person system 20 are registered and there is a secrecy 
contents distribution request from the user system 50 (S16), the contents server 30 is sent out to the user system 
50, where these secrecy contents registered and saved are enciphered (S17). 

[0036] A license server 40 has license authorization / generation section 41 and the LDAP system 42. License 
authorization / generation section 41 searches the decode key corresponding to the physical element ID certificate 
and this which were added to this use demand when there was a use demand of contents from the user system 50 
(S18) from the LDAP system 42, a physical element ID decodes, the contents decode key corresponding to the 
contents by which the use demand was carried out searches, and the license enciphered with the physical element 
ID in this searched contents decode key transmits (S21). 

[0037] This license is physical environmental specification element conditions, is made equivalent to the structure of 
a physical element, and serves as an OR and a gestalt of the combination structured using the AND. Moreover, with 
the gestalt of this operation, not only the physical environmental specification element conditions of having been 
used from the former but the accounting conditions on condition of a user's use situation are collectively 
enciphered as ACL. About encryption and a decryption of this license, it mentions later. In addition, when the 
physical element ID certificate is not added to a use demand (S18), in not existing in the LDAP system 42, physical 
element criteria specification (S19) is sent to the user system 50, and it returns the physical element ID certificate 
group which the user system 50 generated (S20). 

[0038] On the other hand, when the contents decode key by the right transfer of an access control has been sent 
from the copyright person system 20 (S12), the database of the key 44 in the LDAP system 42 which mentions this 
contents decode key later is made to correspond to secrecy contents, and it registers with it. Moreover, this ACL is 
made that an ACL setup has been sent from the copyright person system 20 (S14), and to correspond to secrecy 
contents, and it stores in the access control list (ACL) in the LDAP system 42. 

[0039] The user system 50 has the distribution request (S16) of secrecy contents, secrecy contents demand / 
acquisition section 51 which acquires the distributed secrecy contents, a demand (S18) of a license, i.e., a use 
demand, and license demand / acquisition section 52 which processes acquisition (S21) of a license, and the 
specific use environment (SUE) 53 of a user system. In the specific use environment 53, a specific contents use 
environment is said and synthetic information, such as CPU, a peripheral device, a RIMUBARU storage, an IC card, 
and a contents use situation, is said. 

[0040] By the specific use environment, it has the use environmental specification physical elements (PCSUE) 54-1, 
such as CPU, - 54-N, the contents storage device 55-1 which stores contents - 55-M, and the playback devices 
56-1, such as a player and a viewer, - 56-L. Each PCSUE 54-1 - 54-N, each contents storage device 55-1 - 55-M, 
and each playback device 56-1 - 56-L have encryption / decryption / evaluation section 58-1 - 58-N, 60-1 - 60- 
M, and 62-1 - 62-L while having each physical element ID 57-1 - 57-N, 59-1 - 59-M, and 61-1 - 61 -L 
[0041] When enciphering and outputting with the physical element ID of a self-physical element in enciphering each 
physical element, and decrypting each physical element, encryption / decryption / evaluation section 58-1 - 58-N, 
60-1 - 60-M, and 62-1 - 62-L decrypt with the physical element ID of a self-physical element, and performs 
processing which evaluates a decode result further. That is, about processing of each physical element ID, it carries 
out for every physical element, and even if it is on the interface between physical elements, he is trying for 
information not to leak. 

[0042] Processing of the copyright person system 20 mentioned above next, the contents server 30, a license 
server 40, and a user system of operation is explained mainly with reference to a flow chart. First, with reference to 
the flow chart of drawing 2 , the internal-processing procedure of the copyright person system 20 is explained. 
[0043] In drawing 2 , it judges whether the actuation event generated the copyright person system 20 first (step 
S100). when the actuation event has not occurred (step S100 — nothing), this processing is repeated until an 
actuation event occurs, and the contents of actuation of an actuation event judge secrecy contents registration, 
ACL registration, and the right transfer of an access control for the actuation event to have occurred (step S100 — 
it is) (step S101). 

[0044] When the contents of actuation are secrecy contents registration (step 101, secrecy contents registration), 



http://www4jpdl.ncipi.gojp/cgi-bin/tran„web - cgLejje 



2006/07/24 



.JP,2003-178164,A [DETAILED DESCRIPTION] 



5/10 s<—V 



the secrecy contents registration section 21 enciphers contents (step S110), specifies the desired contents server 
30 from a contents server list (step S1 1 1), and performs a secrecy contents registration demand to this specified 
contents server 30 (step S1 12). Then, the response from the contents server 30 is obtained and it judges whether 
the response is O.K. or it is an error (step S1 13). 

[0045] When the response from the contents server 30 is O.K., in being an error, after performing error processing 
(step S1 14), it judges further whether the following contents server was specified as it is (step S1 15). when the 
processing which shifted to step S1 12 and was mentioned above when the following contents server was specified 
(step S1 15 — it is) is repeated and the following contents server is not specified (step S1 15 — nothing), the 
processing which shifted to step S100 and was mentioned above is repeated. 

[0046] in judging whether the contents decode key as which the ACL setting section 23 was specified further is 
registered when the contents of actuation are ACL setup (step 101, ACL setup) (step S120), and not registering a 
contents decode key (step S120 — nothing), error processing is performed (step S124), and it shifts to step S100 
and repeats the processing mentioned above, on the other hand, when there is registration of a contents decode 
key (step S120 — it is), an ACL setting demand is transmitted to a license server 40 (step S122), an ACL 
registration result is received from a license server 40 (step S123), and the processing which shifted to step S100 
after that, and was mentioned above is repeated. 

[0047] Moreover, when the contents of actuation are the right transfers of an access control (step S101, right 
transfer of an access control), the enciphered contents decode key is transmitted to a license server 40 (step 
S130), the registration result of an encryption contents decode key is received (step S131), it shifts to step S100 
and the processing mentioned above is repeated. 

[0048] Below, ACL set up by the ACL setting section 23 is explained here. Drawing 3 is drawing showing an example 
of an access condition, and an access condition has two kinds such as accounting conditions and physical 
environmental specification element (PCSUE) conditions. As shown in drawing 3 , as accounting conditions which 
are one of the descriptions of this invention, first, there is maxCount (count maximum of operational) and the use 
situation of the contents corresponding to this is count (operated count). It is going to access control, i.e., limitation, 
and license by preparing the limit of the count maximum of operational to the adjustable value of an operated count. 

[0049] The use situation of the contents corresponding to the accounting condition value of the next maxLength 
(read-out length between couplings) is totalLen (asked [ read die-length + ] read-out die length), and tends to 
control access by the read-out maximum length of contents. The use situation of the contents corresponding to the 
accounting condition value of the next maxTimeLen (the maximum time amount which can be performed) is 
totalTime (performed time amount length), and tends to control access by the maximum time amount of contents 
which can be performed. The use situation of the contents corresponding to the accounting condition value of the 
next maxDebt (lease possible amount of money (accounting conditions)) is debt (balance), and the minus value of 
the balance tends to serve as a debt frame, and tends to control access by accounting conditions. 
[0050] Moreover, as physical environmental specification element conditions, there is a body of a computer first, and 
the class of the physical element ID corresponding to this is PSN, and is the serial number of a processor. Here, a 
class is an object class on a database. The class of the physical element ID corresponding to the following 
peripheral device is DSN, and shows the class and serial number of a device. The class of the physical element ID 
corresponding to the following media is MSN, and shows the class and serial number of media. The physical element 
ID corresponding to the following IC card is certificates, and shows the certificate which an IC card publishes. 
[0051] The next body parts are a fingerprint and retina (iris) information, and the class of the physical element ID 
corresponding to this is bodyParts, and is the authentication information on a body part. The class of the physical 
element ID corresponding to the time zone which the next permits is timePeriod, and are a local clock and global 
GPS time of day. The next network domain shows the area on a network, and the class of the physical element ID 
corresponding to this is MACAddress, and shows a MAC Address. The geographical location of the following shows a 
use country etc., and the class of the physical element ID corresponding to this is location, and shows the location 
which GPS or PHS detects. The class of the physical element ID corresponding to storage of the next man is user- 
ID WithPwd, and shows user ID and a password. The class of the physical element ID corresponding to the last 
group is group, and shows the set of a physical element ID. 

[0052] Such an access condition is set up as a set with a logical combination of AND and OR, i.e., ACL. Although 
there are accounting conditions and physical environmental specification element conditions in an access condition 
as mentioned above, combination is possible for these to arbitration. For example, the following is set up as one 
ACL That is, ACL like udac_aclread:(grop=sysrapOR group=soft4soft) (AND45661 244<MSN<45661 41 2) OR 
count<1;modify:user=yujiOR user=hataORIC_card=1 afd234fe4def458c3bac78497bbda6 f;printgroup=sysrap; can be 
set up. 

[0053] According to this set-up ACL, "read" shows perusal conditions, and a group is "sysrap" or "soft4soft", and 
it becomes the conditions for perusal that media serial number MSN exceeds 45661244, and is less than 45661412, 
or an operated count does not use contents less than one, i.e., once. Furthermore, "modify" shows updating 
conditions and it becomes the conditions for renewal of contents that a user name is "yuji" or "hata", or the 
number of "IC.card" is "1 afd234fe4def458c3bac78497bbda6f." 

[0054] Moreover, "print" can show printout conditions, and a group can restrict it to "sysrap", and it can print 
contents. The copyright person 1 can set such ACL as arbitration from the copyright person system 20. Operability 
of this ACL setup improves by using GUI. In addition, you may make it set up the type of ACL with an actuation 
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name. For example, conditions can be chosen access condition (1) Coming [ the actuation name 1 ], and you may 
enable it to choose conditions access condition (2) Coming [ the actuation name 2 ]. Thereby, operability improves 
further. 

[0055] Below, with reference to the flow chart shown in drawing 4 , the internal-processing procedure of the 
contents server 30 is explained. In drawing 4 , first the contents server 30 judges a secrecy contents registration 
demand and a secrecy contents distribution request, when a network event is inputted or it is inputted (step S200). 
when a network event is not inputted (step S200 — nothing), the decision processing in step 200 is repeated. 
[0056] When a network event is a secrecy contents registration demand (step S200, secrecy contents registration 
demand), internal registration of these secrecy contents by which the registration demand was carried out is carried 
out (step S210), and default ACL is set up (step S21 1). And the processing which performed the response to this 
secrecy contents registration demand (step S212), shifted at step S200, and was mentioned above to the copyright 
person system 20 is repeated. 

[0057] On the other hand, when a network event is a secrecy contents distribution request (step S200, secrecy 
contents distribution request), these secrecy contents by which the distribution request was carried out are 
distributed to the user system 50 (step S220), the response to this secrecy contents distribution request is 
performed to the user system 50 after that (step S221), and the processing which shifted to step S200 and was 
mentioned above is repeated. Thereby, secrecy contents can be distributed to the user system 50 from the 
copyright person system 20 in the secret condition through the contents server 30. In this case, traffic is 
distributed, and since it is possible to hold secrecy contents to the contents server near the user system 50 
beforehand while fast transfer is possible, distribution processing can be processed at a high speed. 
[0058] Below, with reference to the flow chart shown in drawing 5 , the internal-processing procedure of a license 
server 40 is explained. In drawing 5 , a license server 40 judges first whether the network event of a contents use 
demand was inputted (step S300). when a network event is not inputted (step S300 — nothing), decision processing 
of this step S300 is repeated. 

[0059] When a network event is a contents use demand (step S300, contents use demand), ACL of the specified 
contents is searched from the LDAP system 42 (step S301), the access condition related from this searched ACL is 
extracted further, and new ACL is generated (step 302). When it judges whether there is any correspondence 
physical element ID certificate corresponding to the physical environmental specification conditions extracted after 
that (step S303) and there is a correspondence physical element ID certificate (step S303, those with a 
correspondence physical element ID certificate), as it is When there is no correspondence physical element ID 
certificate (with step S303 and no correspondence physical element ID certificate) After requiring a certificate from 
the user system 50 as opposed to the use claimant of contents (step S304), it judges further whether there are any 
following physical environmental specification conditions (step S305). 

[0060] when the preparations which shift to step S303 and are certainly equipped with a correspondence physical 
element ID certificate when there are the following physical environmental specification conditions (step S305 — it 
is) are made and there are no following physical environmental specification conditions (step S305 — nothing), a 
physical element ID certificate group is received (step S306)., the use claimant 50, i.e., the user system, of contents 
[0061] Then, license authorization / generation section 41 searches the specified contents decode key (step S307), 
and re(step S308) arranges the access condition in ACL in the certificate of the physical element which can be 
forced. Furthermore, processing which bundles all the AND/OR types in ACL with an authentication priority in a 
parenthesis is performed (step S309). License authorization / generation section 41 performs after that license 
generation processing which generates a license based on the AND/OR type bundled with this parenthesis (step 
S310). And the generated license is transmitted to the user system 50 (step S31 1), and the processing which 
shifted to step S300 and was mentioned above is repeated. 

[0062] Here, the relation of the license and secrecy contents which were generated is explained with reference to 
drawing 6 . Drawing 6 shows relation with the secrecy contents transmitted to the user system 50 from the 
copyright person system 20 through the license and the contents server 30 which are transmitted to the user 
system 50 from a license server 40. 

[0063] In drawing 6 , the system ACL 43-1 to 43-5 matched with each secrecy contents 71-75, respectively is 
stored in ACL43 of a license server 40. The licenses 84-86 over the secrecy contents 71-73 are generated based 
on this system ACL from the system ACL corresponding to the after that, for example, secrecy, contents 71-73, 
and it is transmitted to a user system. These licenses 84-86 are enciphered with the corresponding physical 
element ID, and information does not leak outside. The user system 50 can decode clients 81 -ACL 83 from licenses 
84-86, can decode secrecy contents 71' corresponding to these - 73', and can obtain contents, respectively. 
[0064] In this case, since secrecy contents are also enciphered, security is enough. Thus, ACL and secrecy 
contents are matched although the transfer roots differ, respectively, maintaining the secrecy condition. In addition, 
the condition of the secrecy contents sent through the transfer path containing the contents server 30 is expressed 
as a virtual storing field 70. 

[0065] Here, the LDAP system 42 in a license server 40 is further explained with reference to drawing 7 . In drawing 
7 , the LDAP system 42 has two or more LDAP servers, a license server 40 will be positioned as the client-server, 
and each LDAP server will function on the basis of management of a license server 40. A LDAP server is a 
directory server using the protocol of the lightweight version of DAP contained in X.500 which is the criterion of a 
directory service. It has the class of the XML information which was divided by two or more classes in the LDAP 
server, for example, was described by the individual humanity news 91, the system class 92, MEDIAKURASU 93. and 
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XML. 

[0066] And if "own system" is searched in the class of the individual humanity news 91, this system is searched by 
"system name" from the system class 92, and the present media in the system class 92 "current media" can 
search MEDIAKURASU 93 out of MEDIAKURASU, and can retrieve the XML information 94 corresponding to these 
contents from the contents in this MEDIAKURASU 93 further, for example. The information about contents is stored 
in this XML information 94. 

[0067] By the way, the specific use environment of the user system 50 has the logical structure with the layer 
shown in drawing 8 . In drawing 8 , the specific use environment 100 consists of three layers of the application layer 
110, OS kernel layer 111, and the device layer 1 12, and it connects between each class with the service interface 
shown by the dotted line. The application layer 1 10 has contents playback / activation application 101, and has the 
secret contents decode protection library 102 as a program module inside. 

[0068] The secret contents decode protection library 102 operates the storage driver 103, a file system 105, two or 
more use environmental specification physical element drivers 106-108, and a playback device driver. The storage 
driver 103 makes a contents storage device drive, the use environmental specification physical element drivers 106- 
108 make the use environmental specification physical elements 109-111 drive, respectively, and the playback 
device driver 112 makes the playback device 113 drive. In addition, it may be one physical unit or two roles, the 
contents storage device 104 and the use environmental specification element 109, may be borne, for example like 
MO equipment. 

[0069] Drawing 9 shows the correspondence relation between OS kernel layer 111 of a use environmental 
specification physical element (PCSUE), and the device layer 112. As shown in drawing 9 , PCSUE(s) may have 
inclusion relation. Of course, other devices in the device layer 112 are the same. For example, PCSUE133.134 is 
positioned by the low order of PCSUE131, and PCSUE135.136 is positioned by the low order of PCSUE134. The 
data exchange of the information on a physical element ID etc. can be carried out by PCSUE(s) which have such 
inclusion relation. 

[0070] For example, PCSUE of media regenerative apparatus, such as DVD equipment, includes PCSUE of media, 
such as DVD, and exchanges contents data and media ID information among both. For example, it is information 
interchange between PCSUE134 and PCSUE135. And only the top PCSUE performs the data exchange with a 
PCSUE driver. For example, it is the relation between the PCSUE driver 120 and PCSUE131. Therefore, even if it is 
the same device layer, it may have inclusion relation and may have hierarchical relation. 

[0071] As mentioned above, a license is the consent information over a specific environment, and the access 
information which becomes the client environment which required the license, i.e., the environment of a user system, 
from ACL and the content decode key Kc only including the information on a proper is enciphered with a physical 
element ID (PCSUE-ID). 

[0072] Here, it is as follows when an example of the multiplexed license is shown. Namely, [Equation 1] 

i i i i \<7*+xmm>\ k 5 > K 4 } K^l^l 

It comes out. Here, K1 - K5 are PCSUE-ID, respectively. Access information is combined for this license by AND 
conditions using K1 - K5. It is good for the security reinforcement of a physical element to use each PCSUE-ID for 
high order, and to encipher in multiplex. The sequential decode of this decryption will be carried out from outside 
PCSUE-ID at this reverse. 

[0073] Moreover, when the security reinforcement of a physical element is almost the same, you may enable it to 
decode each PCSUE-ID by the code key of the result with EXCLUSIVE OR operation. For example, [Equation 2] 
\<T?i:Xmm» (Kg® K 4 ©KpK 2 ©K 1 } 

** — it is good to make it like. The effectiveness of diversification of risks that the danger of the contents decode 
key Kc theft by attack success to some products, i.e., some physical elements, is distributed by multiplexing of 
these encryption will be brought about. 

[0074] Moreover, [Equation 3] when combining two or more PCSUE-ID by the OR-operation child 

\<7?±zmm>\ k 3 + i<T?-tizfim» k 2 + 

** — when like, it is good also considering the value which generated the sublicense enciphered by each PCSUE-ID, 
{< access information >} K1 [ for example, ], carried out the OR operation of all the sublicenses simply, and was 
combined as a license. In this case, multiplexing of the encryption mentioned above may be applied also to each 
sublicense, and you may generate as a license combined with the nest by carrying out AND, XOR, and an OR 
operation. The effectiveness of diversification of risks is acquired by this. 

[0075] Below, the generation procedure of such a license is explained with reference to the flow chart shown in 
drawing 10 . The flow chart shown in this drawing 10 is the subroutine of the license generation procedure shown in 
step S310 of drawing 5 . In drawing 5 , it reads from ACL mentioned above 1 word first (step S400). the WORD read 
after that — " (" — it is — a ****** is judged (step S410).) 

[0076] the WORD which carried out reading appearance — " (" — it is — a case (to step S410 and "("), the read- 
out current position of ACL is memorized as the starting point in [ ACL ] a parenthesis (step S41 1 ).)) Then, Variable 
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NB is set as "0" (step S412), and it reads from ACL 1 word further (step S413). then, the read WORD — " (" — it 
is — a ****** — judging (step S414) — " (" — it is — after adding "1" to Variable NB (step S415), it shifts to 
step S413 and the following 1 word is again read to a case.)) 

[0077] on the other hand, it judges whether read-out WORD is "" (" — it is not — a case (step S414 — in addition) 
— further — this read WORD — ") (step S416). When this read WORD is not "", in addition to this, it comes out, 
and in a certain case, it shifts to step S413 and 1 word is further read from ACL. On the other hand, when this read 
WORD is "", it judges whether NB is "0" (step S417). When NB is not "0" (steps S417 and NO), "1" subtraction is 
carried out from the value of NB, and it shifts to step S413, and reads from ACL 1 word further. 
[0078] When NB is "0" (steps S417 and YES), the one this side of the current position of ACL is memorized as a 
terminal point in [ ACL ] a parenthesis (step S419). Then, license generation processing in [ ACL ] this parenthesis 
is performed (step S420), processing which adds the return value by that recursive call to access condition AC is 
performed (step S421), and it shifts to step S400. ACL in a parenthesis is generated by this. 
[0079] the WORD read on the other hand — " (" — it is not — to a case (step S410 — in addition), it judges 
further whether this read WORD is physical element conditions or accounting conditions (step S410).) In being 
physical conditions or accounting conditions, this condition is set as access condition AC (step S431), and it sets up 
as a secret key Kp of a physical element which can force this condition (step S432), shifts to step S400, and reads 
from ACL 1 word further. 

[0080] When the read WORD is not physical conditions or accounting conditions (step S410, in addition to this), it 
judges further whether this read WORD is "OR" (step S430). When the read WORD is "OR", license generation 
processing of next ACL is performed from this read WORD (step S441). Then, when it judges whether AC is 
contained or not (step S442) and AC is contained in the license generated further (steps S442 and YES), it is set as 
the license which serves as "{hash [ AC, ]] Kp and return value" using the return value of the license generation 
processing by step S441 (step S443), and this generated license is returned (step S454). On the other hand, when 
AC is not contained in the license (steps S442 and NO), it is set as the license which serves as "{hash [ Kc, AC, ]} 
Kp and return value" using the return value of the license generation processing by step S441 (step S445), and this 
generated license is returned (step S454). 

[0081] On the other hand, when the read WORD is not "OR" (step S430, in addition to this), it judges further 
whether this read WORD is "AND" (step S440). When the read WORD is "AND", license generation processing of 
next ACL is performed from this read WORD (step S452), and the license which serves as "{hash [ a return value, 
AC, ]) Kp" using the return value of this license generation processing is returned (step S454). 

[0082] Furthermore, when this read WORD is not "AND" (step S440, in addition to this), the license used as "{hash 
[ Kc, AC, ]} Kp" is returned (step S454). Thereby, a license is generated from ACL. 

[0083] Below, with reference to the flow chart shown in drawing 1 1 , the internal-processing procedure of the user 
system 50 is explained. In drawing 1 1 , it judges first whether the user system 50 had the use demand of contents 
(step S500). when there is no use demand of contents (step S500 — nothing), this decision processing is repeated, 
and when there is a use demand of contents (step S500 — it is), the use demand of contents is transmitted (step 
S501). then, when it judges whether there was any demand of the certificate of a physical element from a license 
server 40 (step S502) and there is no demand of the certificate of a physical element (step S502 — nothing), it 
shifts to step S508. 

[0084] on the other hand, when there is a demand of the certificate of a physical element (step S502 — it is), it 
judges whether it read (step S503), and the physical element ID certificate was read and went wrong (step S504). 
When read-out goes wrong (steps S504 and YES), an error notification is transmitted to a license server (step 
S505), and it shifts to step S500. when it judges whether there is any following physical element on the other hand 
when read-out does not go wrong (steps S504 and NO) (step S506) and there is the following physical element 
(step S506 — it is), it shifts to step S503 and the processing which read the following physical element ID 
certificate and was mentioned above is repeated. 

[0085] on the other hand, when there is no following physical element (step S506 — nothing), a physical element ID 
certificate group is transmitted to a license server 40 (step S507), and receiving contents judge an error or a license 
further (step S508). The processing which shifted to step S500 and was mentioned above when receiving contents 
were errors (step S508, error) is repeated, and when receiving contents are licenses (step S508, license), the 
processing which shifted and mentioned the license above to the physical element (PCSUE) 1 at delivery (step 
S509) and step S500 is repeated further. Thereby, the user system 50 can acquire a license from a license server 
40. 

[0086] Here, PCSUE1 shows PCSUE of the beginning of PCSUE of an individual (N-1), generally PCSUEi shows, and 
i is 1 - (N-1) an integer. Then, an internal-processing procedure when a license is passed to each PCSUEi is 
explained with reference to the flow chart of drawing 12 . 

[0087] In drawing 12 , PCSUEi decodes the received license by Kpi first (step 600). Then, this decoded access 
condition ACi is evaluated (step S601), and it judges whether it is improper whether the evaluation result of an 
access condition ACi is good (step S602). When the evaluation result of an access condition ACi is improper (step 
S602, failure), error processing is performed (step S604) and this processing is ended. On the other hand, when the 
evaluation result of an access condition ACi is good (step S602, C), this decoded license is transmitted to PCSUE 
(i+1), decode is continued, and internal processing of Book PCSUEi is ended. 

[0088] Next, PCSUE (i+1) is equivalent to PCSUE (N), and the physical element of a playback device performs 
internal processing here, for example. This internal-processing procedure is explained with reference to the flow 
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chart shown in drawing 13 . In drawing 13 , the received license is first decoded by Kpn (step S700). Then, this 
decoded access condition AC(N) is evaluated (step S701), and it judges whether this evaluation result is good or 
improper (step S702). When an evaluation result is improper (step S702, failure), error processing will be performed 
(step S703), this processing will be ended, and secrecy contents can be decoded as a result 

[0089] On the other hand, when the evaluation result of access condition AC(N) is good (step S702, C), a playback 
device reproduces the contents which decoded secrecy contents (step S704) and were decoded by this decoded Kc 
(step S705), and this processing is ended. 

[0090] Here, decode processing of a concrete license is explained with reference to drawing 14 . In drawing 14 , the 
license generated by the license server 40 enciphers access control list ACL and a contents decode key using the 
key Kp which is the physical element ID of the playback device 144, and the value of the exclusive OR of DSN 141 
which is the device serial number of a storage device, and MSN143 which is the media serial number of media 142 is 
further enciphered as a key. 

[0091] First, if write a storage device 140 in media 142, it reads improper MSN, the exclusive OR of this value and 
DSN of storage device 140 self is calculated and a license is decoded by this result of an operation, a license will 
serve as {ACL, Kc) Kp. When satisfying the access condition which this license decoded in part is sent to the 
playback device 144, and the playback device 144 decodes a license using the key Kp which is the physical element 
ID which playback device 144 self has, acquires the access condition list ACL and the contents decode key Kc, and 
access condition ACL shows, the contents which could decode and were decoded by the contents decode key Kc 
will be reproduced by the playback device 144. 

[0092] With reference to the data flow which shows the contents decode processing by the license demand and 
license acquisition which were mentioned above to drawing 15 , it explains further. It sets to drawing 15 , and in the 
decode protected area in the user system 50, in order to use contents first, a physical element ID certificate is 
attached and the license demand processing 152 is sent out to a license server 40. Under the present 
circumstances, a physical element ID certificate is acquired from the use environmental specification physical 
element 150 by the use environmental specification physical element certification dictation profit processing 153, 
and is passed by the license demand processing 152. 

[0093] On the other hand, if a license is transmitted from a license server 40, the license acquisition processing 156 
acquires this license, in access-permission processing 155, while acquiring a license from the license income 
processing 156, a physical element ID will be acquired through the use environmental specification physical element 
certification dictation profit processing 153, a use situation will be further acquired from accounting 157, and the 
use environmental specification physical element ID authentication processing 154 will take [ processing ] out a 
decode key using these. 

[0094] And the contents decode processing 159 decodes the secrecy contents 158 using a contents decode key, 
and outputs the contents of a plaintext. In addition, accounting 157 is notified to the use situation monitor physical 
element 151, and the decrement of the current use situation is automatically carried out according to use with the 
use environment-monitoring physical element 151. 

[0095] By the way, drawing 16 is drawing showing the effect of the protection reinforcement on [ at the time of 
mounting each processing procedure in each entity of the specific use environment shown in drawing 8 ]. From this 
result, generation of a use environmental specification physical element possession certificate is mounted in a 
device layer, and understands that it is desirable to mount in the device layer by the IC card for accounting 
information protection. Thus, since protection reinforcement changes also with layers which mount each processing 
procedure, it is necessary to mount each processing facility which also takes layer arrangement into consideration 
and is shown in drawing 15 . 

[0096] In addition, although the gestalt of operation mentioned above explained as a configuration on the basis of 
the so-called contents cache possible mold model, it is clear that it is applicable not only to this but the 
configuration on the basis of a contents coincidence distribution mold model. In this case, the contents server 30 
should just deal with it as a configuration by which internal arrangement was carried out into the license server 40. 
[0097] Furthermore, what is necessary is to be able to carry either out and just to apply a respectively suitable 
method according to an adapted system, even if it uses a private key cryptosystem and uses a public key 
cryptosystem in this case although it is the requisite about encryption and a decryption to use a key with the 
gestalt of operation mentioned above. 

[0098] Moreover, the record medium of portable molds, such as the media used in case not only the equipment of 
immobilization but this user system 50 is used for the user system 50, i.e., CD-ROM, DVD and MO, an IC card, and a 
floppy disk, is included in the physical element shown in the gestalt of operation mentioned above. In the user 
system by which this portable type of record medium is used, in addition to the physical element of immobilization to 
this user system, this portable type used of record medium will also be contained in a physical element, and use 
control of contents will be made. In addition, it cannot be overemphasized that it is contained in the physical 
element which the media of immobilization to the user system 50, for example, the hard disk drive unit of 
immobilization, ROM of immobilization, etc., mentioned above. 
[0099] 

[Effect of the Invention] since according to this invention the information on a physical element that a license would 
win popularity in order and would be passed by the time a decode key is used for decode of contents was 
memorized, and it constituted so that a decode key and use authorization conditions might be enciphered based on 
the information on the memorized physical element and a license might be generated as explained above — unjust 
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use of contents — precision — the effectiveness that it can prevent highly does so. 

[0100] moreover — since according to this invention the information on a physical element that a license would win 
popularity in order and would be passed by the time a decode key is used for decode of contents was registered, 
and it constituted so that a decode key and use authorization conditions might be enciphered based on the 
information on the registered physical element and a license might be generated — unjust use of contents — 
precision — the effectiveness that it can prevent highly is done so. 
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* NOTICES * 

JPO and NCIPI are not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the original precisely. 

2. **** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 



DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] It is drawing showing the configuration of the contents use control system which is the gestalt of 1 
operation of this invention. 

[Drawing 2] It is the flow chart which shows the internal-processing procedure of the copyright person system 20 
shown in drawing 1 . 

[Drawing 3] It is drawing showing an example of accounting conditions and physical environmental specification 
element conditions. 

[Drawing 4] It is the flow chart which shows the internal-processing procedure of the contents server 30 shown in 
drawing 1 . 

[Drawing 5] It is the flow chart which shows the internal-processing procedure of a license server 40 shown in 
drawing 1 . 

[Drawing 6] It is drawing showing relation with the secrecy contents sent from the license and the copyright person 

system 10 which are sent from a license server 40, or the contents server 30. 

[Drawing 7] It is drawing showing the configuration of the LDAP system 42 shown in drawing 1 . 

[Drawing 8] It is drawing showing the layer logical structure of a specific use environment. 

[Drawing 9] It is drawing showing an example of a physical element with inclusion relation. 

[Drawing 10] It is the detail flowchart which shows license generation procedure. 

[Drawing 11] It is the flow chart which shows the internal-processing procedure of the user system 50 shown in 
drawing 1 . 

[Drawing 12] It is the flow chart which shows the license decode procedure by the use relation specification 
physical element. 

[Drawing 13] It is the flow chart which shows the license decode procedure by the physical element of a playback 
device. 

[Drawing 14] It is drawing showing an example of the decode process of a license. 

[Drawing 15] It is the data flow diagram showing the contents decode processing by a license demand and license 
acquisition. 

[Drawing 16] It is drawing showing the effect of the protection reinforcement on [ at the time of mounting each 
processing procedure in each entity of a specific use environment ]. 
[Drawing 17] It is drawing showing the access-control model in the former. 

[Drawing 18] It is drawing showing the outline configuration of the contents use control system corresponding to the 
access-control model in the former. 

[Drawing 19] It is drawing showing the improved access-control model. 

[Drawing 20] It is drawing showing the contents distribution model of the contents use control system in the former. 
[Drawing 21] It is drawing showing a contents cache possible mold model. 

[Drawing 22] It is drawing showing the outline configuration of the contents use control system corresponding to the 
contents cache possible mold model shown in drawing 21 . 

[Drawing 23] It is drawing showing the outline configuration of the contents use control system which realizes a 
contents coincidence distribution mold model. 
[Description of Notations] 

1 Copyright Person 

2 User 

10 Contents Use Control System 

20 Copyright Person System 

21 Secret Contents Registration Section 

22 Right Transfer Section of Access Control 

23 ACL Setting Section 
30 Contents Server 

40 License Server 

41 License Authorization / Generation Section 

42 LDAP System 

43 Access Control List (ACL) 
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44 Key 

50 User System 

51 Secrecy Contents Demand / Acquisition Section 

52 License Demand / Acquisition Section 

53 Specific Use Environment 

54- 1 - 54-N Use environmental specification physical element 

55- 1 - 55-M Contents storage device 

56- 1 - 56-L Playback device 

57- 1, 59-1, 61-1 Physical element ID 

58- 1, 60-1, 62-1 Encryption / decryption / evaluation section 
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* NOTICES * 

JPO and NCIPI are not responsible for any 
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4 3 11 #U#rF 5 3 9 2 3 5 1 *S 

5555304 £ 4 0**84*11= 5 7 9 6 8 

2 4*&**UU\ flJffl#O^SSr-^x-7 ntn>f> 

#03 Lxffi&<o n > f > 7 f UfflSW > * 

[0 0 13] 0 2 0(4, g&*On>7 L >*yflJffl*liWvX 

+«B«BB*U«iSU ^-K/v 

jh*>««-C**o ^/BBWRpJeftSB* (PC SUE) 
235-1-235 -Ni4, n > -r > 7 <DfIJJH3Sfj££# 
5e1-*»3IK5fS-C*«K A*M(-<4, CPU, JRjZlK 

[0014] tt*»RlWte(JU PCSUE235-1 
- 2 3 5 -NtCltiCEi" *%S3?3? I D<OfEfj3S2 3 6 - 
1-2 3 6-NH hC, iff1Mf#2 0 OCioTBff 
ffc$lxfc=i>-5r>7 2 3 3 OtX«T-*oTBaSS[*l*c0-»f- 
7 2 3 4 *B*U ff£RIIIR 



(4). #S2 0 0 3 - 1 7 8 1 6 4 

ir^Lt, COtS#$tl^rj>T->7^ ? f IJ m # t : f 'J ffl 
§*x£ 0 ffioT, =r>r>7l4, MISIDWffiL 
fc*--eHf*ffcS*L (3>-r>7 2 3 3) , >t- 
>7 2 3 3 (I*tS-t4 3 >t>7 2 3 4 £ fS^i" 4 tz *J> 

[0015] ::t% 3>7->7K**t^m::<4, ffi^- 

itZtitz? >T>yifc^-t2>t2#>lzm^btL2>7 < -fc 
O^rfyyaCffiSL, 7 >f -b > * t (4giJ<7) * >f S > ^* 

t'WIt 4 =X > T > 7 * t7V A PlfigS ^ T-VU t 

ho EI2 1(4. :^3>7>7^^-yyaprftI^fjl. 

[0016] 112 1 \z&^x, i-rmft%2 0 o(±, m 

^t7ViJ tL^o —U, PCSUE235-1-23 
I DS:Hff*fbLfcSEW»2 4 1-1- 
20 2 4 1 -Nli, »*ftS*Lfc^t?»ft«««II1ll«U 
ffi^J^tL. PCSUE 2 3 5-l-2 3 5-NUWSt 

«9ftU iO««f^-KptgWt241-l-241 
-N^^ibilgS ID243-1-243 -NSrm^ 
U d cO^Sg^ ID243-l-243-NtCJ:oT 

n>x>7«-t4--Kc*w^fbL, mmzmmmzft 

[0 0 17] ««fiW«4Rrtt^ (HS-ffcSftfca^T-^ 
78*^- K c Srtf315f^ ID242-1-242 -N 
30 T*m-f-L, 3>f>7{m-KcilHo vT60rz>T- 

-^■fk^ tLTtn >r- > 7 2 3 4 HX^rL, 3>f>724 
4 k LT^IJffl#2 0 5 U?l]ffl$-££ 0 
[0 0 18] 132 2li, 12 1 Cft3>f>7^rt y 
v a HT fi&S! * r'A' u*tJ£i- * =1 > -r > 7 fiJfflMff '> * x 
AOlBliStSf/oy ^i-e*l.o @2 2Ci5V> 
T, fmifyXfA 2 5 0(i, *ft»#«a*«Uff 
■ ffiL, n^T-vy*- /<2 5 1 (4, ||tt**^ff«EL, 
-fc>X^-/<2 5 2 io4 0 i ;flJffl^-vX^A 2 5 3 
¥0 (4. »E««*«(cfflEi-4o Iftfify^fA2 5 0 
(4. f^«:L^=?>x > 7=r5f-?-'ftL, -OBf-?-fbL^ 
> f > 7 i ^* > T s 7 2 5 1 U^l?L"Ci3 

[0 0 19] itc, n >7">7fa-f-^r-K c Sr v >f -fc > 
X-^-y<2 5 2 USffLT. T ^ -t X$l|ffllfloo§lg^ 7 
^-fc>X-tt--/<2 5 2 UWLttf Oo 
©IWJXh (ACL) iS^ESrfrOo flJffl#'>^^^2 5 
3(4, =2>f>7S:fl]fflf A-kSr^+fllfflS**:^^ 
-fc>*-«*--/<2 5 2 UjifIL, Ccoks^, ftlS^ID 
50 OBW*7» t i6ftS*t'Cv^v»J»-&U(i, 7<^:>X^- 
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7 

/<2 5 2 WftlSS^Itfl^ C i o Tftgg^ I D«OtE 
[0020] 7^-t>^t-^'2 5 2l±, 0321 Hjp L 

iic mmm^mt r-y x * h * 5 * oss* - 

Kp*«t»LTl»S5?!SIDSEl!IIS«r«-*U fX-^L-fc 

Kc-t> s y-(-t>XLt LXmrn^isXy-^ 2 5 3 Ciitb 
£*l£„ dfUCioT, ?IJffl#v^f"A 2 5 3(7>%!lJ3.m 

[0021] f£^n >x>-7i±3 >t->-ytf-/< 

2 5 1 U^ff ^nrv^cOT-, flJffl^v^f-A 2 5 3 
(±, suii3>x>--y-»t-/-f2 5 1 tZ^-3>x>^E* 
H*£frot\ n >x>'7-f-^"2 5 1 frb%&^>7- 

[0 0 2 2] — i2 3li. n^rV^lBl^Etl* 
■f ;w n^-t £ a > -f > 7 f ffijftl -> 7. t A cOWESfll^; 

M2 5 l* 5 T?£-t±"f\ >x5iMt PlB#(C5FlJffl#-> 

X9 U 2 5 3 - t U&& 0 12 2C^t i 

3>f>"^-A2 5 1 r^U«3VfV7 
* * 4 £\ »* a > x > -7 14 ^ A B$M &) I : f I) m # 
•>Xfi 2 5 3 lZjfiV^-/<iT?SI±*^rv>^,COT:\ ^IJ 

ifyxrA2 5 3<±, ? > r > tf-jz-m%m-mm& 

[0 0 2 3] Ztz. n >-r >Vl^B#E*S j ef';u^Jt«c 

^fJK-li, n>^>-y^, 9-f-fc>X<Otg«4:(iJ5lJ 
U, R0MI#^-^, Jfcjg, Proxy*-'i|:J:4 

[0 0 2 4] 

L 111 a * IWKi- -S * 4:#*P L •? , I* M W R 4 R»t fc 

[0025] ttz. nwmwm^m^m^. 

ttp'&^iE-C* * '9 > ceo J: t #C 
4r**0«8-C*4fl]fflS|l««F5El»a5l3Ri- J: oT 



(5) M2 0 0 3 - 1 7 8 1 6 4 

5 

fiJfflftoT£ft4£iS:L-C*>> ^jESrH&LTLi i 

[0 0 2 6] CO|feWli±EU«*T'5:S*Lfc<)0-C-, 
tifS#74 ? 3 > x > 7fiJffl$iltfil *Sfe%fc(-tr TCi: A ? T- # £ 

10 [0 0 2 7] 

-tiE I, U 

[0028] c<o«wuj:fLtf, a«#3>f^-;o 
a-f- {-fij ffl § tt * i t* 9 -f -t > x &m us 'tig $ n.^. 
!»a5?*<o.ttf**Ett l, e« t ^tastoifci 
o' v . x a <t vmm 4 et^-ft l t 9 -r -t > 

[0 0 2 9] Sfc, tmt^titz=i>f->y 

30 4 -5 m^-m tttKHa^w o^ufflst ^r^f* 

till, f Uffl**"b O 3 > ir > 7 fflffl S*tZ(&«F L X 

Lxmm^zukm-tz 9 ^ -t >^fi*s^*ot, m 
Ea-^ftjj'3 >t>-j <ois&iz.mm stm -cu 9 -r -t 

K*g»««xet, *E!»a3?*e»*aa:et-j:«) 
gmzftfcwmmmnmm-m^xmm^m&xv 1 

f IJ ffl it^T^ ft 4 Pf-f- fk L- X 9 -f -fc > X * ifig-T ^ 9 -r -t 
^0 [0 0 3 0] *HWI±. Bg-^-ftg^7'i3>7 i >'y 

iflU, fij JB#tf> <b o 3 > -f > y fq ffl t-tt-^ L t 
KfS-^a±J J: c/fij 1 ft bT ^ ft 4 Bfr*fb LT7>f-t>^t 
LTflJffl^UftKt 5> 9 -f -t > ^fl7'D ^'9 A -C* o 

tc <t •) ass #tfc»3i5*oflt«ni6^v^Ti»Ef«-f-ai 

<t (/fljfflft nl^ftr Bf-f-ft LT9 ■< -fc > XrMfi 
50 9'f-b>X±«^J«t, £n>e^-?-Cfl'f?-f 



9 

[0 0 3 1 ] *^**WUiit(f, ?S-^JS^3>x>7 
go* v > T fS^-a & J: tfflj ffl ft pT * ft £ BfrSMfc LT7^ 
[ 0 0 3 2] 

J: V 7 -f -t > * • 31 7" a y 7 ^ o 4f M & * * fe O JB St * g£ 

[0033] hi w\ ^m<o-%mmm^hh^> 

x>7?IJffl»J«v^f:AOfll«:«:5ti-|aT***o H1U 

cofijffl*iBJ®l-4'>x-rA-e*4o Bluish 

t\ COn^f-^^flJfflflHJttlvX-r A 1 0 i±, < , 

>X+f-/<4 0, io £ O^IJ If yXf^ 5 0 £*1-& 0 
[0 0 3 4] IMitvXfA 2 0 M\ ftj&L£3>f 

f>7t-^'3 0i:fm (S 1 0) ftLaSrffTffce 

> -r > 7 ) i&%--ti>0>lz&9l&x>T>yQ&*-t: 

? 4 4 ocsait^^^aor, r^-t 
xSiJifltS*7^"t>x^-/<u^lii-^ (Si 2) j&a 
*fH7****l]»*$tt«2 2, *J J: CTW«IHr*ft 

(ACL) &7«f -fc^*-^-^ 0 KK^-t* (SI 
4) ACLK^SP2 3 **U Iftft^^ >f >7(:n 
1-*WBtttl«r»a-*-*o 

[0 0 3 5] 3>r>7t-A3 0li, fftfitv^f 

7 f A 5 0 ^ f> Ogf n > f > 7 Et o (S 
1 6) :^fl^i, RffS*LT^4«|t3> 

(s 1 7) o 

[0 0 3 6] 7^-t/^t-M4 0(i, v^-t/Xf^pT 
/Mffi4ULDAPy^7A4 2trtn o 7 -f 

>x>yofijffls*^*o^ (sis) »g\ z<omm 
i*c«o ? *ifc»aR3R i d mnw t z *uc*tJfci-a 

fm-HDAPy^t^4 2rt»<bflt*U VraXX 

>x>yfS^*-£t£*u :«U3>f >?a 

* a SS* I D -CBr* it L it v 4 -t > * £ £ ft + 
4 (S 2 l) o 

[0 0 3 7] Y -t >X(i, ^S^#^SS£ft 



(6) # BH 2 0 0 3 - 1 7 S 1 6 4 

10 

*!JffiS* (SIS) CftlftI DJEW#* r f*»ne 
flTv**^**-^ LDAPvXf A4 2rtCi#lEL5: 
tta5l**l**S« (S 1 9) «r*iJflB#vX 

SIS I DtiEW#P££1- ( S 2 0 ) o 
70 [0 0 3 S] -?7> imify^fA 20^b7H^ 

(S 1 2) £03>x>ya**-*»JE+* 
LDAPy^rA4 2 [*]<7)*- 4 4 Of-M-XCS 

X-rA 2 0^*bACLK^**ai'bix-CS^: (SI 4) (1 
(J, Z<DAC L£^g3>x>yi:itt/££-£T, LDA 
P v^xA4 2[*]<7)7 *-fc*fffltflI'J X h (ACL) U*& 

[0 0 3 9] flJffl^-vX-rA 5 0«i, Sl3>7>70 
20 (S 1 6) hK*£*l£ffcEr7>-r >7«|# 

rff9ig^>f/7g*/TO5 1 L v^-fc>X 

i"it>*>*ijflaif* (s l 8) ^7^>^oK 

»(S2i) <o$imifto 7<<*>xmM/m$U5 2 
mmm^^'T^<o^mmmm (sue) 53^ 

cpu, mm%tW, »j A-/<^«:E««it 
[0040] #^fuffl5s*^ii, c p \jm<nmmw&m 

30 5c»aS* (PCSUE) 5 4 - 1 - 5 4 -N^ 3> 
x>^«rt&S1i-^=i>-r>y X h U-vf/<^ 55- 
1-55-Mt, 7 , l/--V^tfa-7^(7)S^fVsy7, 
56-1-56-Ld: ^*1-^o #PCSUE54-1 
- 5 4 - N, §3>r>7XH/-vf;<^5 5- l 
-5 5- M, ^<t^W4fV^X5 6-l-5 6-L 
(±, ftl^lO^SSf I D 5 7 - 1 - 5 7 -N, 5 9 
-1-59 — M, 6 1 - 1 - 6 1 -L 4: t i> 

»*ffc/a*^fc/IFB» 5 8-1-5 8-N, 60 
-1-60 — M, 62-1-62-L ^*i"^ 0 

^0 [0 0 4 1 ] «H5-Vk/«*ffc/fFfli« 5 8 - 1 - 5 8 - 
N, 6 0 - 1 - 6 0-M, 6 2 - 1 - 6 2 -Lit. 

a»**ifriHfc-*-4»*utt. a»is*oftas«i 

D -enff-^-ffc L t w * L , §KiS?fo a* ft i It o 9 ^ 
ua-^ftJftifFflsi-ii&atlf^o i- 

[0 0 4 2 ] orCiai^fmity^rA 2 0, n 
50 >f>7*-><3 0, 7^>^-^40, 
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K9J-f4 0 if, S2^)7n-f t- h*#JHLT, * 
ftflfv^f^2 0O|*3«*a*Jl*COt>TlllMi-4 0 
[0 0 4 3 ] 12 UJSV^-C, fftti^yXfA 2 0 (i, 

7 a S 1 0 0) o tft-fM^ h^Mltv^^v^ (X 
f77'S100, &U »ft>f^> 

3i«l3>r>7fi8*, ACLfiW\ 7*-fc*Mflp 
«t*»^*«Bfff 4 Ut77'S 1 0 1) o 
[0 0 4 4 ] S(W^ f 8I^ > r > 7glf*^>«^ 
Uf7 7'l 0 1 , »l3>f/7il) U(i, Ha 
>f>7Si»2 1li, ^ > t > V nm^itv'fi^ (* 

777'sno) , 3 > -r > y ^ hfrhmm<D 

3>f>7t-A3 0£Jg/tL (XT77'S1 11) , 
>y«»K#*fT$ UT77'S 1 1 2) o 3 

3) o 

[0 0 4 5] 3 >-f /<3 O^OJ£^# ? OKCO 

&fro£ Ut77 , Sl 14) f£, £ eU, 

S 1 1 5) o >-f >^-/<rt ? J^£;fx£*§£- 

115, <fc*9) Xx-y 7*S 1 1 2 U 

LT±*Lfc*a*J»»)iIU o?(7)3>f>7t 
-^"^M^it^^v^ (Xf77 , S115, £ 
L) x 7 77 8 S10 0«ffltli!U:M^ 

[0 0 4 6] ftfW^ACLE^*l)«^ (Xf7 
7'101 ( ACLtg) , ACL R5e« 2 3 li, 
U, flK6S*tfc3>r->y«**-**»i-**5^«: 
¥WL Ux^S 12 0), 3/f/7a^-^)f 
if l^v^M (xf7 7 , S12 0, t'L) X7 
-^ar^foT (Xt77'S124) , Xt-77'SIO 
0J:»ffU ±*Lfc»a *«*»)«■*-• — n>r-> 

-4>S»*** 4 »fr (X-rf/S 1 2 0, * 
«3) U<i, ACLK^Sf** -b>X + -/<4 0 US 
{ft (Xt77'S12 2) , v-f -fc >*-*t-/*4 0 ^ <b 
ACLgiiMSSSrSftL Uf77'S12 3) , f^S 

^777-8 1 0 ou»fTL-c±aLfc«atit"}iB+o 

[0 0 4 7] Sfc, J*f^rt$* ? T^-t^iWMtiSi8t?4> 
4»-& (X777-S10 1, 7*-fcxM9p.1MMa) U 

4 0 US-It L (Xf77'S 13 0). Bg-^ftn>x>7 
fm-^fi|gl^§(IL (Xf77 , S131) , * 
fy "7 a S 1 0 OUStfT U ±aL7tJ6aSr*»)ig-ro 
[0 0 4 S] o^C, ACLIJteSI^ 3i:io 



(7) #B3 2003-178164 

72 

TI5:7E?^4 AC LUOi/>T!fcfpJ1-4o (13 l±, 7 * -t 

tttwawwifjEK* (pc sue) i(no2ti^ 

tt^bfti: LTfi, i"f, maxCount (m^^mWJBck 
m ^*LUlti5"f4 3 >x>-y<7)fiJffl«c?a(ico 

unt («ftSfHft) -C*4o »ft»Bfti:^o?rJE*U 
W L TlSft pfligEI g**tt t v > -? miJ IS Sr Kit T 7 * -b * 
«r»l«U -t «rte%H5cfcB^rtffiJ^ £1-4 tOT* 
70 4o 

[0 0 4 9] o^cOmaxLength (it^iti Lft^ft £ ) O 
£tt*frHU*tJ&f4 V x > V<?>mmVtfcl±. totalL 
en (K^fflLfSft»+tt»*«E*aLftS).-e*»). ^ 

>T>y ogw^ffl lf*S ^ciotrn x <o»m £ 

L<t -9 ti"4 tOt?A4o oifOmaxTimeLen (HffnTHfe 
S±e#^) 0*tt*f^U»l&+4 n >^ > 7 cofljffltt 
m±, totalTirae ( jHT8ffl»IB*) T?* ■» , = >-r>y 

f 4tOT**4o o^cOmaxDebt (ftA^&IR (R£ 

20 ) ^^tf-ftfwtuJtJEi- 4 3>r->^ofijffl^a 

ti, debt JS&O-^'f t-Xffi(i:f8rX^a 

Bt&*ftUJ:oT7^-bxolWlip* Lid £f 
4 & <Dtr£>4 0 

[0050] waawira?**!**: lt«4, * 
rw"»«*** f * •) . d*LU*ti&i"4wa5f*i do? 

^Xfi, PS NT***), 7*n-b7fOy'J7^fft* 
4o dtr, ^7^ < hiix-^^--X±0^*7*v^^ h 
* 7*-C*4o ^?OJHia-7^<<XUWl&'f 4WaK* 

D(i, certificates'?^ , I C ii - Krt^rt^IOS 
»* ^1" o 

[0 0 5 1 ] ojfoA#»ttii, fcfcxl*»tt^jHil 
«*t?*9, C*LU*tJ&-t4i»a5?*I D 
cO^Xfi, bodyPartsT* 0 , A#»tt^>BIEfll 
*4 0 o^(^lW^8ir«l:«t^&I?f I DO 
^7^(i, timePeriod-e* 0 , n-*;u^n-y^^^n 
40 -/<^&GP SfiF*J-C*4o >f 

ftlllSlDO^?^!^ MACAddress-C* t) , MAC 7 

L, -^xU*ttD-t4^a3f^ I DO; location 
-C**3, GP S*4vW±PHSa f &ffi-f 4f£«3: ^i"o 
o|r<oA<50E1SU*tl&1"4i»aR3lSI DO^^xii, us 
er-ID WithPwdT^O, J---*f I D t 7 - K4r^ 
i"o t»on-7Wff^»ISSID0^7^ 
(i, groupT-**}, M^IDOi^rSto 
50 [0 0 5 2] CCO J: ^ ttT 5 -tr^^frii, ANDtOR 
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L t LT»JgS#t4« r^tx^ftcii, ±iEL>fcJ:o 
*= #ft£ ft t »aSR«4*5ES**ft k rt ? £> 4 A*, C it <b 

*>* 

udac_ac I 

read: ( (grop=sysrapO R group=sof t4sof t) AND 

45661244<MSN<45661412) OR count <1; 

modi fy :user=yuj i 0 R user=hataOR 

I C_ca rd= 1 af d234f e4def 458c3bac78497bbda6f ; 

pr int :group=sysrap; 

[0 0 5 3] :<7)S^$^:A.CLCJ:iiil TreadJ 
tiKJJE^ftSr^U y)V-~ftf TsysrapJ *4v#Mi Tso 
ft4softJ T*»K **o, ^fVry'JT^ffMSN 
tf*45661244S:«x_45661412*«T*& & #\ * 4 vW±*ft 

TmodifyJ (iflff^ft^^L. TyujiJ &4 

v^i ThataJ -C*4*\ £>4^li ClC.cardJ Off^ 
riafd234fe4def458c3bac78497bbda6f J "C* * C k **3 

[0 0 5 4] 4fc, TprintJ li ep«flj**1* £tf U 
*f)V--ftf TsysrapJ 1:1^ 3 > f- > ? £ EP«-f- 4 C 
fcrt*-C#4 0 :^)J:iiACLIt fftMv^fi,2 
0*fc*flMt#l *«tt«URjfe-t*C: fc**"C*4 0 
ACLI^it GU I tfflv^^<ht:J:o'Cftfttt^fS] 
±i"-5o ACLOMv^ fcfts* i: 4: fc KKjg 

7*-t*£f* (1) &4*fr*»R-CS, »ft*2i:Jt 
LT(±T?-tx£ft (2) ftiftftilR-eiit^: 

[0 0 5 5] o?c N H4 i:$t7D-ft- h *#JB 
Lt, 3>f>7+-^3 0Ort«felf«l:ov>'Cll 

i:fll3>f>7ff5», ttff^T^^E*** 

**&*lJSrt"4 (^777'S 2 0 0) o ^7f7-M^ 
> h^AflSftii/**^ Ur77'S 2 0 0, & L) U 
ti, Xr 7 7 9 2 0 0 Ki3»t4fflW*«**»)igi-o 
[0056] ^;F7-M^>F i'ttln >f>7t 
»3S*-C*4*£ (Xf77°S 2 0 0, Sl3>f>7 

FW>eSL (Xt7 7'S 2 10) , r"7*;U hOACL 
*K3gi"4 U777'S2 1 DofU, *flMt#v 
^f^2 0i:, : cof « I ^ > r > 7 f * C ^ C> 
^^rtfoT (Xf 7 7'S 2 12) , Xf 77 , S 2 0 0C 

[0 0 5 7] — * y h7-^^f^> h^ffiE^ >r 



(8) #^2 0 0 3 - 1 7 8 1 6 4 

>-yEHiK*-e*4** (xt 77's2oo, ii3> 

>*y rflJffl^-vXT^ 5 0UJtLtE*L Ufy/S 
2 2 0) , :^8I3 >r >*yE*R?R^*ti" 

4fc^£?Uffi#*>*-r^ 5 0 CWLtff^ (Xt* y "7°S 
2 2 1) , Xf77S2 0 OUfMt LTiiELfcj&S* 

flfflf '> ^ r 5 0 i:E* 1 4 C t ^t' I ^ 0 

70 £\ h77>f y *rt*jWft3*U *sa<Ejas**?r*B-e*4i: 

T\ E*«a**j»^«ai'4Ci:**T*4o 
[0 0 5 S] o^'d, i5i:^t 7D-ft- h *#flH 

SK7t^5**«:fl|Br-r4 (Xr77'S 3 0 0) 0 
7-* -f^> h^AlfcSftS:^*^ (Xf77 , S3 0 
20 o, fcL) :^T77'S 3 o OO^JMff&s*** 

[0 0 5 9 ] *y h7-^^^> h^ ? 3>^>*y?Uffl^ 
Uf.7yS 3 0 0, 3>-r>^flJfflR 
#) Utt, ^^tf:3/r>70ACLrLDAP > 
Xf^4 2^^f L (Xt77'S301) , 
C<7)iMl^ACL^b^at^7^-t^M*M 
L, *frfcfcACL£fe£1"4 Uf77 , 3 0 2) 0 -r^> 

DiE^»ri**4^5rt**«tffL (Xf77'S 3 0 3 ) . 
30 W&WSK* I DaEW»3&**4»£- U777S30 
3, *tfi>i»aS*I D8EW»*0) dtit-toi*. **l£ 

wmski Drnwrntm^'ms- (^777s 303, *t 

*fi:ttlt, i-^Jb*,flJffl#>X-rA 5 0 U*tLTK 
W*Sr3l*Lfc (X777'S 3 0 4) ft> o ? 

0%^«#^ft^*4^S : ^*flBf1-4 (X7 7 7 
S 3 0 5) o 

[0 0 6 0] o^0^3ISR^#^f^ ? *4t*# (Xf 
7 7'S 3 0 5, X7 7 7*S 3 0 3 Uf|-lTl 

40 tltfiSftlSSSI DKW#S:l**^iBx.4i»|IB«r t> o 
^<7)%a3S^#^ft^V^^ U777'S 3 0 5, 

v^f-^5 0^tb!W3aS*IDaEW»»S:Sfflli'4 (X 

777 , S 3 0 6) o 

[0 0 6 1 ] m> J 4 -t>^S=^r/±^cSE4 1 \U 

^^Wfz ^yr-y y'&^^-Zfem L u 7 77 , S3 

0 7) , ACLf*JCOT^-bX^ft^, »*|TirSg$r!ft335 

^o|E0>q#t-ae^[ti- (X777 , S 3 0 8) o Hi:, 
ACLrtOt^tOAND/O R^xlSIEgE7feWSi-fS5Ili 
50 T< < 4S!13I : Ht -9 (^777 J S 3 0 9 ) o fOf^'f 



75 

D/ORSrUc; 7^>x£±/£-f £7-f -t>x 
±«MSrtTO (xf77'S3 10) o fit, 
ft£7 {-t/^rffflt^T^ 5 0 CMl (Xr y 
7'S311) . 3 0 OC»lTL-C±aLfc» 

[0 0 6 2 ] M?iif:7^>^tSln> 
:r>7 kO|H«UO^TSI6 *#B.5LTiJiKi"4o 16 
(±, 7^t>^t-A'4 0 7^<bflJJB#v*-r^ 5 0 U?i 
ft Sft&7"f -b>Xi: n > f- > y^f-/<3 0 r^LTf 
mityXf A2 O^fbflJffl^-v^xA 5 0 Hij|«Sft 

[0 0 6 3] @6i:^^T, 5 >f -fc>X*-/<4 0<7)A 
CL 4 3l*IU<i, f^tiMIn>f>7 7 1-75 
t^tfb^^y^fAACL 4 3 - 1 -4 3 - 5^ 

fc k x. (f n>f>7 7 1 -7 3 y^rA 
AC L/i^Sl3>f>7 7 1 - 7 3 t:*ift47 * -fc> 

:07^f-t>X84-86(i, TOtoftlSf I 
D-CBf-SHtSftTiS 0 , ttffK*****^* - k 
v^o mmmisXr-^ 5 0<±, 7^-t>X84-86^^ 
?7<1T> h ACL 8 1 - 8 3 Sr«*U £ft<b U**£S 

>T>y £ t#£ C k 7i> ? -e £ -So 
[0 0 6 4] *io*3§£\ «ln >7->y km^itZtix 
^&cor% -t + i u r-^r &<> cioioUL 

ACL<h «B3 > r- > 7 k Ut-tO«BttS £ L 

«i*7 0 k LTSaLtv^o 

[0 0 6 5] ::t\ HCf'f -t>x*-/<4 0[*io 

LDAPvXfA42 Cov^|7 *#SLtRWt 
£o 07 UJ3V*-£\ LDAPvXfA4 2 (±, tlftO L 
DAPt-/^tl, ^0^7^7>hf-/^Lt7 
>f -fc>X-9"-/<4 0 ^Efiont <b tU 7<Y -fc — 
4 0 Of 1(7) t <h t:&L D A P f - /^Itto - i: C 

LDAP+-Akli, r*4 Is? b*)*t—VX<OU 
mx*ib&X. 5 0 0i:tfMDAPOlfI<7)7 , nF 
^i^fflv>/:f^n 'J £>£o LDAPt- 

/ ^rtUttttfto * 9 * Ufrtt b ft. k ilrtAM 9 
K y^fi^7X92, >f^7^7X93, XML 
r-Ki£$ft^XMLlf^0^7 XSr^Tt&o 
[0 0 6 6] fit, fckx.tf-|BA«*9 lO^^^i: 
&i/>T, Town systemj ^Mcilot CoOvXx^ 
ry^r^^7^92^b [system namej i:J:ot^ 

^CyXfA^7^92rt<7)I|>fW7 Tcurr 
ent mediaj (£ x >f -f T^XOW^^tV 7^7 
X9 3rfML, cbU, CO^rW7^7^93rtO 
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n > f- > 7 ^ «b > :on>7>7 UJ+tfJ L XML «=ffi 
9 4^Mt^-i:^t^o :0XML«i9 40t 

[0 0 6 7 ] k Z?>X\ flJffl#v^xA 5 OOlfTEfUffl 

£ 0 iStli. t^lIffll^l 0 7 7 ,, jy-y 3 

>m 1 1 0 k 0 S tf-*;HB 1 1 1 tf/H xl 1 1 2 

>?-7i-XT-|gSc£ft£o 7 7' , )^-y3>ll 1 
70 Oti, 3>f>7ff4 • *ff7 7''J^-v 3>101r 

0 2 t/'nyjA^ya-A't lt*too 
[0 0 6 S] >f >7a*ftK5 -f 77 'J 1 0 2 

i±, XM/-yK7^<1 0 3, 77^f^yXfA10 

8, Sif/^XK7^^l!iftH^ 0 XhU-vK 
7^f^l0 3l±> ^ >7->y* b U- yfVH 
S*; WfflllWI»3a»a**K9^/<l 0 6- 1 0 8ii 
-tft-PftfiJfflSI««F5EW3aK*l 0 9-111 
20 S^r-vs^x K7>f/U 1 2 lifftrVWy; l l 3 

zm®z-£z>o *ib\ -o^igtt*ott, ?tk 

x.lfM0^t<7)J: -7(in>r>7^ f U-yfV^ x 1 

o 4 tmmmm^mmi o 90-oo^sij^tioTi 

[00.69] B9(t, ?lJfflSR*lf 56*335* (PCSU 
E) <D0 S rt-*;uJi 1 1 1 kxVM xll 12 kott 
j£H«S:a*L"Cv** 0 19 1:^^11:, PC SUE t 

50 If, PCSUE1310T(ii:i±PCSUE133, 1 
3 4 7W£g^(t^ft, PC SUE 1 3 4 OTfclCtiP C 
SUE 1 3 5, 1 3 6 rt ? f£8^tt ^ft^o -Oi:? 
^HKtt^PCSUE^o Lt?(±, »aS»I 
<om *R * r-'- * ^> - k rt'-e ^ ^> 0 

[0 0 7 0 ] /:fcx.(l DVDilf<7)^fV7Stg 
l^PCSUEIi, DVD^>f^7<OPCSUES: 
^LTiS *3 . ^>f>7f-^>7V7IDlSar 
M#Pfl-e^i-^o /ckxtf, PCSUEl 34kPC 
SUE13 5tOB^ta^ftT**^o fit, ftJiK 

40 OPCSUEO^^PCSUE K7 /<kOf- *3cJ& 
^ff^o /:<hilt PC SUE K7-f/<l 2 Ok PCS 

ue 1 3 1 k*>H»-e*&o Shot, n trvwxi-e 

[0 0 7 1 ] 7<-tr>Xii, ±^L/:J:oU, 

Kct*<bi^7^-t^ill«i«ISSSID (PCSU 
JO E-ID) CJ:otlfi^[:?lifctOt-A5o 
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[0 0 7 2] d CT\ %m.\tZfttz*7 << -t> *<F>— Mi 

lilt l<T->-t2.X«$B>l K s ) K 4 I K 3 I Kjl K,l 

T'h2> 0 c:t% Ki-Ks(i\ WiiPCSUE-I 

<r>-b*x.>)7--ffemtfH5^miZ&PC S UE - I DSffl 
i:ni*>PCSUE-I D6'&lt&fk-«-3ft.&C biz* 

o 

[0073] ftiS^^ + a'J r- afloat* 
§pcsue-i D*flm»»a«« 

JtU J: o r * - l-*t o TMt & h X n 
[&2] 

[0 0 7 4] i fc. tSS:<7> PCSUE-ID£0 r«h: 
[t3] 

{<7'^-t2^t»$8>} K 5 + |<7^t7t»$g>| K 4 + 
!<T^"tz^t«a>} K 3 + i<7'^-b^tt$8>} K 2 + 
{<7'^-t:^m$S>} K t 

30 

(DXobm&lZlt, -xt ix^tico PC SUE - I D "cfffr^r 

JgflJU AND, XOR, ORfRltSrX^ULTa^ 

[0 0 7 5] o^C, COi:o&7^>XO±/&&i31 
^JKlconTEI 1 0 n-^ a-- h S:#ffilL-Ctt 40 

Wt^o -<7>U 1 0C^t7n-ft- Hi, H50OX 

f77*s3 1 oic^i-^^-tr>x^aLs^jmo^7';i/ 

b 1 7- KRAffif 4 0 0 ) o ^<nm%& 

SLf^-W r (J -C*^^5^*WBfi"« (*-r* 
v*S 4 1 0) o 

[0 0 7 6] lS^aJL£7- Kt> ? f (J (X 
T77'S410, T (J ) U<i, ACLOR^HiLaS 
ttitftillrtAC L^ftk LtEftti (xf77'S 
4 1 1 ) o ZV'ik, ^NB?- TOJ UISteL Uf7 50 
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7'S 4 1 2 ) , ^UACL^f? 1 7- KR*ffl1- (X 
T77'S4 13) o rOfi Bt*ttlL7t:9- Krt* T (J 
■C***5**fl»fL (Xf77'S 4 14), r (J -C 
RftNBi: TlJ **n*Lfc {Xry-f 
S4 15) fl ^T77'S4 13 ciffLtS^ or 
O 1 7- K^rllE^aSi-o 

[0077] «*ajL9- k** r (J 

(Xf77'S4 14 1 ^-Ojlfc) Ufi. $f>UC£>tt*fli 
Lfc7-K* c D J -e*^^5^SrfiJSffi"^ (Xx y-7' 
S 4 1 6) o COR*lBLfc7- Krt ? D J -C&v** 
fi\ 1-^fc*,-€-<7>ife-e*^«^U(i, ^7 7 7'S4 1 3 

c«fu ^^(iACL^«b 1 7- k*r*im-o - 

Brt* TOJ X'&Zfr'gfrimVSilrZ (Xf 7 7'S4 1 
7) o NB^TOJ "C4v*»-fr Uf77 4 S4 17 ( N 

0) NB<Z>ttri»«b nj«»U Xf77 ( S4 1 
3UIMtU ^^CACLjJ^ 1 7- KStc^mi-o 

[0078] N B rt ? T 0 J co <h £ (^f 77*S41 7, 
YES) UWt, ACLOa«Ett*co— o^«TSrg5ttI*3A 
CLO» ( ftt LTS21f.-f * (^777'S 4 19) o {-O 
C<0|S3UU*]AC L^T^-tV^tffiffll^ (X 

t77'S 4 2 0) , -e-owpftfta Lt:i^l»)ttS:r 

^•fc^*ftACUift*n1-*4&a*lTo"C Uf 77 4 S4 

2 1) , xf77'S40 ot:gfft^o cai:J:otM 
iMOACL^M^ii^o 

[0 0 7 9] -^n K*BU7- K* s r (J 
^ (^f-7 7'S4 1 0, ^coftil) £<bU, ^OI 

5***Hf-i-* U777 , s4io) o tom&ttttzit 
^tftkftv&zm&itza, co*f**r*-fc**#Ac 

URjgL (Xf77*S431) . ^0*^4:tt»]-BriB* 
WI^«*-Kp t LTK3cL (^f77*S43 
2) , X777'S 4 0 0i:mTU ^ibCACL^U 
7- K^ffifo 

[0 0 8 0] K*(BLfc9- K*«Wa*fr£ fc(±fttt* 
fr-Civ^fi- Uf77'S410, ^Oftfl) £<b 
dcOfS^m L/w7- Krt ? TORJ -C*-&**5^«rfl 
SrT* (X777 , S 4 3 0) o !S^ffiL£7- K* ? f O 
RJ -C*4»-&-U«±, COBt*iti Lfc7- K^b&OA 
CL<7)7^ -t>^^J«*aS:lT'9 (Xt7 7 4 S4 4 

1) o ^Ofsc. ^CML/:7^-tvxoti:AC^ 
***L4^5*»**IJBf L (Xf77 , S 4 4 2) . AC^ 
^tfLZmir (Xt77'S 4 4 2, YES) tC(i N Xt 

y 7"S 4 4 1 CJ:-57'f-l:>^4SEaaoii}Itffl^ 
T f IAC, hashl Kp, M *) ttJ kW^-t^l: 
15:^ L (xf 77'S 4 4 3 ) , :^ML/:7^>^ 
*ig-f (Xt77'S 4 5 4) o — Jj, 7^-t>X(0^: 
ACa^StL-C^fc^W* Ur77 , S 4 4 2, NO) 

X-r-y 7'S 4 4 1 CU7^-t 
•OfStfflv^T f |Kc, AC, hashl Kp, M *} fflj fc 
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-t>^i:fijEL (Xf77'S 4 4 5 ) , Z<7)± 
titLtzU* >XvMir (Xf 7 7'S 4 5 4 ) 0 
[0 0 S 1 ] — Jj * m^^Lfzn- Ki« TORJ 
M (Xf 7 7'S 4 3 0, e bC, 

(Xf77'S 4 4 0) o tt*tti L/c 7- K** TANDJ 

-eabsa^ufi, ^cois^ajL^7- k^^^acl 

<D?>f *>X£j£&3l£fTV* (Xf77'S 4 5 2) . C 

C, hash! KpJ t & h 7 4 -t > X * jfi" (Xf77*S 70 

4 5 4 ) o 

[0082] § <bu, 'cost^ai Lfc7- tan 

DJ ti^** (Xf77'S 4 4 0, -t^flfe) 
r IKc, AC, hashl KpJ t 7 -f -t> X £jg-f 
Ur77'S 4 5 4) o -nCi: *K ACLj^7>f-t 

[0 0 8 3 ] ogru, mi i i;^t7n-fV- h£# 

BLt, fljffl#v^x^ 5 0<Oft^3I#)iIUov>Tt& 
«t4o HI lUfcv^T, ti*fl]ffl*v*f-A 5 Oti, 

7 7°S 5 0 0) o n >x>yO?l]ffl5#rt*4v>t#£* (* 
f77'S 5 0 0, &L) *CJ4. ^O^J^LSti^il 
U =r>x>yOflJffl5l****ofc»^ (Xf77'S5 

oo, \zi±^ ?>T>y<Dmmm#*mmir2> 
(xf77*s5oi) o ^f&> W}m^m<omw*<D^ 

5 0 2 ), !»aS*OJEW»^S*^iv^ 
4§£* Ut77 , S 5 0 2, &L) Uti\ Xt7 7'S5 0 

[0 0 8 4] .WaS*OSEW#OS**»*o^» 50 

Ut7 7'S 5 0 2, *»)) ftlJf»I DtEBJ? 

• SrR^iBL (Xf77 , S 5 0 3) > tt*(tiL*BfcLfc 
fr&frvmWr-rZ (Xr77'S 5 0 4) olrL^aiLtc^ 
ftLfc*^ (^r-y 7'S 5 0 4, YES) U(i> 

-f-t: >^-^-^<U;Mff LT (Xf77'S5G 

5) > xf 7 7 4 S 5 0 0 izmj-f&o — ;£> gc^ffi It: 
5feBfcL&v*»* (X-rWS 5 0 4, NO) tZi±> or 

6) . o^^»acx^i«« UT7-/S 5 0 6, 

Ufi. ^T7 7'S 5 0 3(:rffLt, ogTco^JI 40 

[0 0 8 5] -yV, ol'^ISf^v^ (Xx-y 
7^ 5 0 6, &L) Uli, DE9J»»*7>f 
-fc>X-tf--y<4 0 Uiiff L (Xf77'S 5 0 7) , £ <b 
Brt^^jc v - rt> 7 -f -fc > X * * ffl Bf-r £ ( X x y 

7'S 5 0 8) o 5:fllrtS* f Jl7--C*4t» ^ (XT7 7' 

5 5 0 8, -x.^-) Xr y^S 5 0 0U©ffLT 

(Xf77 4 S 5 0 8, 7-f-fc>X) e <bU, 50 
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7 4*>XK%ommiS (PCSUE) lUjffL Uxy 
7'S 5 0 9) , Xr / 7°S 5 0 0C§ff LtiiSL^ii 

* -t>x-9--/*4 0^b7^>x^f4f^: t^T- 

[0 0 8 6 ] c:t\ PCSUEUli, (N - 1 ) ffl 
OPCSUE(7)flOTPCSUEr7KL, H^CPC 
SUEiT-TpU itt, 1 - (N- 1 ) OSEft-e*4o 
f:t% #PCSUE i rt ? 7-f *>*«r«S*L7iB**>rt 

[0 0 8 7] H12Ci>vr, if PC SUE i (i, $ 
fIL£^'f-b>X£Kpi T^I-^-f £ (Xr77*6 0 
0) o ^<7>f£, C<*>«*Lfc7*-fcX*frAC j £iF(ffi 
L (X777'S601) . 7 ^-tx^f^AC i Offfffifg 
^PT^PT^^flffif-r^ (Xf 7 7*S 6 0 2) o 7* 
-fcX^ftAC i OfFffif£*ri f ^<0J*^ (Xf77 J S6 
0 2, Tppl) ^v-M^^toT (Xx^y-7°S6 

0 4.) , **&m*fcT-fz>o th^mac i 

OfFflMS** f «T^**»* (Xf77'S 6 0 2, pI) u 
^Ollf lf:7^-t>XrPCSUE (i + 1) U 
MU fI**tt?rS-e\ *PCSUE i Ortffl«a* 

[0 0 8 8 ] o?C, PCSUE (i + 1) (±, PCS 
UE (N) i:«iu fcfcxtf* B^r-vsf 

^til 3 C$t7n-ft- h*#P.SLTlfteB-r*o 
U 1 3 U*5V»T, i-f. SdL/vi^-f-t >XSrKpnT-tS 
Tto (XT7rs 7 0 0) o ^Of&, :<7)}If lf:7 
nx^AC (N) £IF(ffiL (Xf77'S701) , 

(Xt77'S 7 0 2 ) o ffF«***qF^r-C*4»^ (x 
T77'S 7 0 2, t^pT) tCi±^ X7-ftl*lTot (X 
T77'S 7 0 3 ) . *»at»TLT, e*fii:SE3 

[0 0 8 9 ] rnxlftAC (N) izmr&n 

m*£%:&nl-ei>2>1&& (X777 , S 7 0 2, pJ) iZit, 

^ (7) L K c Til i n > f > 7 ffl ^ L (Xf77 J 

S 7 0 4 ) , PU:3 >T>y *fiifv^y;^S4 

L (xf77 , S 7 0 5). **iaS:»Ti-4o 
[0 0 9 0] **fii7-f-t>^oa*j61S: 

l JX hACLt=i>f> 7fl^^r - <h YS4f/<y x 1 
4 4 0ftl5*I D-C*&*-Kp4:fflv^TBf-^ffcL, 

ioDSN 141i>fV71420^t^7y , J 7;U 
f*t*4MSN 1 4 3OflMi!iB^af0O(tSr + -t L 

[0 0 9 1 ] i-T, X h l/-yf/^X 1 4 0(±, ^-r 
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i 7 1 4 2 iCS#^^oT^MSNS:I«^ji^. COM 
l/-yf/W7 1 4 0 i#ODSNtO#HlkWI& 

fE^1"4<tv 7-f-t:>X(i, IACL, Kcl Kpti 
4 0 v^ — Wi^^ixtz^ <-fc>X{4, B4f/^7>1 
4 4 {z&hiu SifeirV^ x 1 4 4 (4, Str/^ X 1 
4 4 Sfttf^-tZVomW^I D^^.^r-K p £ffl^T 
7^-t>Xr{If L, T^-tX^ft'J X h ACL t ^ > 
t yym^-^-K c £ £W#U 7 ?-fcx£ftAC l** 

^7?^X£ft£i|t!&1-4i##(I, n/f>7flf^r 
-KcCctoTfl-^-^ff^ C^t#, a^£*L*:3> 
f- >y (4, B±r/^xi4 4i:J:otS4$^:i: 

[0 0 9 2 ] ±*BL^^4:>Xg*<!:^^>XlRf# 
U 443 yf yyiSm-^mzmi 5^tf-^7n- 

xf^5 ofi(iibnt4a^^m$-c(4, ifn>r> 

7 £fl]ffl^4;^:7^>X^*^ai 5 2 £^a^9?t 
I DIEW#£#LT^^>*-*f-^4 0 tiSltB-f 4 0 
COBS, *»3SS*I DJ£9J»<4, *JJBI*#4*5E«faR* 
IEW#^«a 15 3i:to TfiJfflSR«1*5E!»a5?* 1 

[0 0 9 3 ] — ?T, 7>f-t>^-^4 0 35^7>f-t> 
X7^1i£;li4i:^>f -ir^Xfljtffj&ai 5 6 (4, 

\z % fijfflai«#5e»as3Ri DBBEdaai s 4^uffl5R 

«#«*aR3RttW#flR»«ka 1 5 3 ^^LTM^ 
ID«i#l, S&U&lMiai 5 7*&WBtt«*JR 

[0 0 9 4] fit, ^>f>7j^Ml 5 9(4, 3 

>x>yfS#*-£ffl^Tf£il3 y-y-yy 1 5 8 ifl* 

7(4, fijffltt«Ettwa5f* 1 5 1 uii*nu mmwk 
[oo9 5] t*r^-t\ si 6(4, ms^mLfz^^n 
ffl««i|#5e»aR*»f#aEW»<o^«:(4, f^^iu 

mmt, #tHf$K»II<4, IC*-Ki:Uf^xi 

&4<0T\ W -VEttt#«LTig 1 5i:^t&Mi 
fc***+4«&K"***4o 
[0 0 9 6] ±i6Lfcj|JS^)JBS-e(4, ^;foi*4 
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4 Q vl<7)ff£\ n>r->^-t-/<3 0 75 ? ^^-L'>X-^- 
/<4 oni:rtttE«SHfc«rici: LTflXt)fSx.(44^o 
[0 0 9 7] ±«Lfc*«io»»-c«±, KH5- 

[0 0 9 8] ±2L^^ff^C*tfti5S 
70 (1(4, ?lJffl#vX-r A 5 OUH5eOIS«OAT*(43S:< , 

<T, -Tife^CD-ROMx DVD, MO, IC^- 

o T- * 4 o -<7)pTfiSS<7) ffiSMiffjWB ft 4 *M§» 
X-r Ai;J3v>-C(4, C<7)fiJffl#vX-r AUHSe^ftaj! 

* win at, cofflv^iii^rjftMoiBaaftfc^aR 

* U** *1T, n > -r > >y 05pJffliWJ»*f& ZiX&Zt {Z 
ttho 445, fllffitv^fA 5 0 CigO^fV 7, 00 

[0 0 9 9] 

=* > x > y ofiW-cifiJ ffl S *x4 iti:7^t> 
X7>*WUSit*Sli4!»a»*0«#4:iB«L. IE*L 

a > t- y y o^iEfijffl ^fflJKA < l»ihi-4 - fc § 4 
[0 10 0] *#&93K4*U4, «**3&*3>-r> 

.50 ^o«-?-ufijfflstL4 iti:7 -(-tyxtmiz-gi-fmz 

K4i»a5f*^fll«S:«»L, «»Lfe»aSf*^«« 

nagcfv^r a*«43 4 trwMiF ^r*i**Bi*ft it? 

•t>xS:tiftnJ:^lftlfcot% ^y-fyy^lE 

mmzmm& < »jh+4 - 1 w * 4 1 a***-r 

4 o 

[HS<30ffi#*gl^] 

[mil m*o»tt'c*4 3>-f'>-ywffl« 

[[12] in:^ifcfftflif v^f^2 ooflaftl 
^/o ^HI^tkI" v u -^-v - h-e*4o 

[HI 3] #W*frt»aa«#5E5?3R*l*i:0-««:^ 

[(U4 ] HI U7pL/L'3>7^>7^-/<3 0OF*IgPMa 
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